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ABSTRACT 



A method and system of communicating with a computer 
through a network prior to booting the computer's operating 
system or after operating system failure is provided. A 
multitasking kernel is implemented in a network enhanced 
BIOS. External references in a NIC device driver are 
resolved to reference services provided by the network 
enhanced BIOS. A workstation coupled to the computer 
through a network may be used to access and set status on 
the computer prior to loading the operating system or after 
operating system failure. The multitasking kernel may be 
operated simultaneously with a conventional BIOS. The 
computer may be further provided with a means for alerting 
the workstation in the event of a POST failure or operating 
system crash. 

60 Claims, 10 Drawing Sheets 
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Fig 4. 
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Fig 8. 
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Fig 9. 
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NETWORK ENHANCED BIOS ENABLING 
REMOTE MANAGEMENT OF A COMPUTER 
WITHOUT A FUNCTIONING OPERATING 
SYSTEM 

FIELD OF THE INVENTION 

This invention relates generally to a method and system 
for enabling the remote management of a computer over a 
network without the aid of an operating system functioning 
on the computer and more particularly to a method and 
system for enhancing a computer's BIOS to accommodate 
remote access and maintenance without the aid of an oper- 
ating system executing on the computer. 

BACKGROUND OF THE PRESENT 
INVENTION 

System errors causing operating system failure remain a 
pervasive problem in the computer industry. Such errors 
may occur as a result of hardware failure, user error, and for 
other reasons. These failures, particularly in the case of 
networked desktop computers or network system servers, 
may result in extended unavailability of computer resources 
and significant financial loss due to user down-time. 

Currently, there exists no effective process for completely 
eliminating such system errors causing operating systems to 
crash. In many cases, the only method of avoiding recurring 
crashes is to perform a post-mortem diagnosis, before reboo- 
ting the operating system, of the actions which brought 
about the crash. However, because of the physical difficulty 
in accessing and analyzing the failed computer and because 
time is often of the essence in making the system available, 
many users simply reboot the operating system without 
analyzing the problems which led to the crash. 

One example of where such access is necessary occurs 
with network servers. Such network servers are often critical 
to an organization's efficiency, and, yet, may be configured 
without certain hardware, such as a keyboard and computer 
display, necessary for performing a postmortem analysis. 
Network operators are therefore often hurried into simply 
rebooting the network server without performing a proper 
diagnosis of the problem. 

The problem of remotely analyzing and administering a 
computer also occurs in the case of wide area, or local area, 
networks where system administrators may be required to 
remotely maintain several computers. In typical operation, 
the operating system executing on the remote computers 
allows the system administrators to access and modify 
various parameters on the remote computer. However, in the 
event of an operating system crash, current systems provide 
no means for the administrator to access or diagnose the 
remote computer. Moreover, current systems typically do 
not allow the administrator to access the remote computer 
prior to loading an operating system on the remote computer. 
For example, U.S. Pat. No. 5,390,324 to Burckhartt et al. 
(the "Burckhartt patent") claims a failure recovery system 
allowing dial-up access to the failed computer once the 
failed computer has loaded a reduced operating system 
stored on a secondary partition on the computer's hard disk. 
The system of the Burckhartt patent boots off the secondary 
partition containing the secondary operating system when a 
detection means detects a system time-out indicating a 
primary operating system failure. 

The following background describes the typical structure 
and startup procedure of an IBM compatible personal com- 
puter ("PC"), however, the concepts are generally applicable 
to a variety of computer systems. Upon system reset, CPU 
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control is passed to a portion of the computer's Basic 
Input/Output System (BIOS) known as, the Power On 
System Test, or Power On Self Test, (POST). The terms 
system reset and system start-up, as used herein, shall be 

s synonymous and shall include any system start-up, reboot, 
system reset or other operation causing the commencement 
of the initialization or reinitialization of the initial program 
load operation of the computer. 

The POST is typically stored in read-only-memory 

10 (ROM) and is used to initialize the standard system 
components, such as system timers, system DMA (Direct 
Memory Access) controllers, system memory controllers, 
system I/O devices and video hardware. As part of its 
initialization routine, the POST sets the default values for a 

1 5 table of interrupt vectors. These default values point to 
standard interrupt handlers in the ROM BIOS but may be 
modified to access customized interrupt handlers. The POST 
also performs a reliability test to check that the system 
hardware, such as the memory and system timers, are 

20 functioning correctly. After system initialization and 
diagnostics, the POST surveys the system for firmware 
located on non-volatile memory on optional hardware cards 
(adapters) in the system. This is performed by scanning a 
specific address space for memory having a given signature. 

25 If the signature is found, control is passed to the firmware 
which then initializes the device on which it is located. 

After the hardware initialization is performed, the POST 
reads a block of data from a predetermined location from the 
boot device, usually the hard disk or a diskette drive, into 

30 memory, and passes control to the program in that data 
block. This program, known as a bootstrap loader, then loads 
a larger program into memory. If the larger program is 
properly loaded into memory the boot program passes 
control to it. The operating system is then initialized and 

35 gains control of the CPU. As described below, on certain 
disk-less, or media-less, workstations the adapter firmware 
located on a network interface card re-routes the pointers 
used to bootstrap the operating system to download the 
operating system from an attached network. 

The BIOS further comprises a set of routines, or interrupt 
handlers, for interfacing with the computer and its peripheral 
components. The BIOS interrupt handlers are accessed 
through the use of hardware or software interrupts. The 

45 addresses of these interrupt handlers are stored in an inter- 
rupt vector table. As noted above, this vector table may be 
modified to point to customized interrupt handlers. The 
BIOS is generally described by P. Norton in The Peter 
Norton PC PROGRAMME'S BIBLE, Microsoft Press 

50 ( 1993 )' 

While the BIOS interfacing routines were used by the 
MS-DOSE operating system, modern operating systems, 
such as Windows-95™, available from Microsoft Corpora- 
tion ("Microsoft"), do not extensively utilize the BIOS 

55 interfacing routines. Generally, Windows-95, and other 
modern operating systems, make use of device drivers 
specific to a particular type and model of peripheral hard- 
ware component when communicating with such peripheral 
hardware components. Device drivers provide a uniform 

60 interface through which more general purpose software may 
interact with the peripheral components. These device driv- 
ers may replace an existing BIOS interrupt handler, ~6t 
provide additional functionality which is otherwise not 
provided. The application software is thus freed from having 

65 to interact with the specifics of each hardware device. 

Many operating systems, including MS-DOS releases 
since MS-DOS 2.0, and releases of Windows up to Windows 
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3.11, include the ability to load installable device drivers communicating with a computer coupled to a network 

from disk whea the operating system is booted up. A user without the necessity of utilizing the computer's operating 

may load installable device drivers in the MS-DOS operat- system. 

ing system by including ^e command DEVICE-device It fe a forther object of the t invention to provide a 

file in the CONFIG SYS ^.MS-DOS then reads each s method md tem for com P mU nicating with a computer 

device driver file and loads the device driver into memory. 1j4 J t t . # -u u * # • p.u 

Wmdows-95 has the abihty to detect the peripheral hardware C0Uple f ° 3 ne ' WOrk f 10 '. ° ^TT^ * w 

components using the PCI (Peripheral Component computeT *°P™*« f stem - 11 15 a s^lrurther object of this 

Interconnect) and Plug and Play functions of the BIOS, and invenUon t0 P rov i de <** accessary additional software on the 

to load the appropriate drivers for the installed peripheral computer and software which may be executed on a second 

hardware components automatically. 10 computer remote from the first computer fitted with the 

While the use of installable device drivers provides a high network enhanced BIOS, and which second computer need 

degree of flexibility in handing peripheral hardware not itself be fitted with such network enhanced BIOS such 

components, such as network interface cards (NIC), as t0 ena °l e the transfer of commands and information 

heretofore, an operating system executing on the failed between the two computers. 

computer has been relied on to load the software driver and 15 The present invention is directed to a method and system 
provide any supporting functions necessary. If an operating of communicating with a computer through a network prior 
system will not boot, or if it is necessary to perform a to booting the computer's operating system or after operat- 
postmortem diagnosis prior to reloading an operating ing system failure. A networking application program inter- 
system, no software driver for the NIC will be loaded, thus f ace (API) is implemented in a network enhanced BIOS 
an administrator will not be able to use software acting 20 fltted t0 a first computer . ^is computer is preferably sup- 
through the NIC to access the system remotely There exists plied with a mc card and mc device driver file> Exteraal 
a need therefore for a method and system of utilizing an references in the NIC device driver which would normally 
instal able NIC device driver which is available before an be resolved to ^ ided b elements of the £ 

S!n1 ^^JTS^n^^n^ 7 * °° s y stem ™ ^tead resolved to reference services pro - 

25 vidcdbythe API .of the network enhanced BIOS. Ascend 

the execution of user-level programs and that provides computer coupled to the first computer through the network 

services to such user-level programs such as resource may transfer commands, status and data prior to the loading 

allocation, scheduling, I/O control and data management. of tne opiating system or after operating system failure. 

Exemplary of such operating systems are MS-DOS™, The first computer may be further provided with a means for 

Windows-95™, Windows-NT™, all available from alerting the second computer in the event of a POST failure 

Microsoft, MacOS™, available from Apple Computer, and or operating system crash. 

various versions of Unix® available from a number of BRIEF DESCRIPTION OF THE DRAWINGS 
vendors including Sun Microsystems. Modern operating 

systems, such as Windows-NT, often include a protected For a more complete understanding of the present 

mode kernel or base system at the core of the operating 35 invention, reference is made to the following Detailed 

system. Description taken in conjunction with the accompanying 

A key problem in the remote administration of computer drawings in which: 
systems is the fact that there are hundreds of different FIG. 1 is a functional block diagram of an exemplary 
network interface card types available from a number of system architecture including a server computer, a desktop 
vendors, each of which may be programmed differently and w computer, a networked management workstation and a net- 
may utilize a unique device driver. Developing new device work for practicing the invention; 

drivers for each of these card types would be expensive and FIG. 2 is a functional block diagram of an exemplary 

lead to unrehabuity.lt is therefore an object of the present computer system, including the computer system 

invention to utilize the network enhanced BIOS to use „„ m „ ftnon *c c~ r „„^ f - • 

* j j xrn- j j- j r ■ . components, lor practicing the invention; 

standard NIC device drivers developed for existing operat- 45 ct V, - A . ^ A . , , 

ing systems, and thus not require customized device driver 3A 15 a pactional block diagram of the conventiona 

software for each of the available network interface card BI0S sectlon of a computer showing the major functional 

types components of a portion of BIOS created in accordance with 

This objective may be achieved by utilizing standard the P resent invention; 

interfaces defined by certain operating system vendors. To 50 FIG 3B is a functional block diagram of a network 

support a virtually unlimited variety of network card types, enhanced BIOS section of a computer, showing the major 

operating system vendors have defined standard interfaces functional components in accordance with the present inven- 

that are to be used by network interface card device drivers. tion; 

This allows the operating system to support any NIC which FIG. 4 is a flowchart showing software contained on a 
supplies driver software that adheres to the standard inter- computer configured for remote access in accordance with a 
face. Novell, Inc. ("Novell") has defined one such standard, preferred embodiment of the present invention; 
the Open DataHnk Interface ;(ODI). Drivers written accord- FIG. 5 is a functional block diagram of the layers of the 
< u £ ^ard can be* sed by NetWare™, available Qetwork interfacc components in accor dance with the 
from Novell. Microsoft has defined a second standard, the pre sent invention- 
Network Driver Interface Specification (NDIS). Drivers ^ rj „ <. . . ' . . , . - 
written according to the NDIS standard can be used by <o ; 6 f a block **&*m of a network protocol 
Microsoft operating systems (e.g. Windows NT) f ck ^P^ted by network enhanced BIOS in accor- 
Additionally, other standards are available for versions of dance with a preferred embodiment of the present invention; 
the UNIX™ operating system. FIG - 7 * a functional model of an RPC facility imple- 
mented in accordance with the present invention; 
SUMMARY OF THE INVENTION 65 FIG. 8 is a functional block diagram of a mechanism in 
In addition to the object listed above, it is an object of the accordance with the present invention for handling transition 
present invention to provide a method and system for between modes of the BIOS; and 
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FIG. 9 is a functional block diagram of a watchdog timer on disk-less workstations not having a floppy disk drive 150 

mechanism in accordance with the present invention. or a hard disk drive 160. 

The computer 400 also preferably includes a network 

DETAILED DESCRIPTION interface card (NIC) 170, also known as a network adapter. 

„ f A . . ... . . . ... 5 The NIC 170 is preferably connected to the system bus 105 

deferred embodiments of the presen invention will now yia a ^ of £ circuit ; iots 165 the computer. The 

be described with continued reference to the drawings. sk)ts u$ prcfcrably to an industry standard> sucn as 

FIG. 1 shows an overall view of a preferred embodiment Intel's PCI standard. Alternatively, the NIC 170 may be 

of the system architecture. A server computer 100 is physi- directly coupled to the system bus 105 without use of a 

cally connected to the management workstation 200 via 10 system circuit slot. 

network 300. Network 300 may be any of a number of Alternatively, the computer 400 may substitute for the 

commercially available local or wide area networks includ- NIC 170, or in addition to the NIC 170, a modem. Such 

ing Novell's NetWare™. A "network" or "computer modem may be an internal modem 190, which may be 

network", as such term is used herein, shall be generally connected to the system bus 105 or to one of the set of 

defined as a group of two or more connected computers; two J5 system circuit slots 165, and/or an external modem 180, 

computers being "connected" when they can exchange mes- which typically is connected to a serial interface 175 which 

sages or data. Thus, for example, the connection technology, is connected to the system bus 105. Optionally, the computer 

the network topology and the network protocols can vary 400 may be networked directly to a workstation 200 via a 

and include, for example and without limitation, in addition cable connection to the serial interface 175 or a parallel 

to the LAN and WAN networks mentioned above, two 2Q interface (not shown). 

computers directly connected via a serial or parallel inter- Referring now to FIGS. 3A and 3B, the component 

face and a cable, two computers directly connected via modules of the conventional BIOS section 500 and network 

modem connections over a public switched telephone enhanced BIOS section 600 of a BIOS of a computer created 

network, such as via the so-called "plain old telephone m accordance wim the present invendon are illustrated. The 

service", two computers connected via an ISDN connection 25 conventional BIOS section 500 consists of early POST 510, 

over a public telephone network, or two computers coupled me rest of P0ST 52 o, display services 530, such as cursor 

across an internet. A desktop computer 400 may also be position and writc charactcr> which are used internally 

connected to network 300. The server computer and desktop within (ne BI0S to display error and status information, 

computer shown are exemplary and may each be one of a P0ST timc scrvices 54fJ such ^ me hardwarc tcst routm es, 

multiplicity of such computers. 30 mn time services 550 such as interrupt 10H Video output 

With reference now to FIG. 2, a computer 400 on which services and interrupt 13H disk access services, and enabler 

the present invention may be practiced is shown. The code 560. The enabler code 560 provides the conventional 

computer 400 shown in FIG. 2 and described herein is BIOS 500 with the ability to detect and load the network 

exemplary and may be modified without deviating from the enhanced BIOS 600, and to give control to the network 

present invention. Moreover, although the computer 400 in 35 enhanced BIOS 600 initialization entry point. It further 

FIG. 1 is shown as a desktop computer, it is understood that contains the routines which allow cooperative multitasking 

the term computer as used herein shall include, without between the Conventional BIOS 500 and the network 

limitation, desktop computers (shown as 400 in FIG. 1) and enhanced BIOS 600. The division between early POST 510 

server computers (shown as 100 in FIG. 1), or embedded and the rest of POST 520 is a pragmatic one, POST is 

systems (not shown) such as Auto Teller Machines, or Point 4 q divided into a large number of routines which are executed 

of Sale terminals, or Vending Machines. under the control of the POST dispatcher routine 505. Early 

A system bus 105 forms the backbone of the components POST 510 Is preferably the set of POST routines which are 
of the computer 400. Attached to the system bus 105 are a required in order to configure the computer sufficiently to 
central processor unit (CPU) 110 and system random access allow the network enhanced BIOS 600 to be initialized. As 
memory (RAM) 120. The CPU preferably operates in at 45 discussed below, early POST 510 preferably includes the 
least two modes, real mode and protected mode — as is operations of: programming the memory controller; deter- 
commonly known in the art. Non-volatile memory 125, mining the size of memory; testing memory; initializing the 
preferably in the form of flash ROM, is connected to the chipset sufficiently to access a PCI bus if present; initialize 
system bus 105. The non-volatile memory 125 does not and test the interrupt controller; configure an interrupt for 
change state when the computer 400 is powered down or 50 the network adapter; and initialize a VGA controller if 
reset. User input/output may be performed through a visual present. Early POST 510 may optionally also program other 
display unit 130, video controller 135, keyboard 140, and chipset registers. Early POST routines 510 are preferably 
keyboard controller 145. The CPU 110 and RAM 120, as stored in nonvolatile memory 125. 

well as the video controller 135, may optionally be coupled The network enhanced BIOS 600 augments the conven- 

via a separate local bus (not shown). Mass storage devices 55 tional BIOS section 500 with an initialization section 610, a 

may include a floppy disk drive 150, and associated floppy 32-bit protected mode kernel 620 incorporating a kernel 

disk controller 155, and/or a hard disk drive 160 and dispatcher 621 and a loader 630. The network enhanced 

associated hard disk controller 161. In one embodiment of BIOS 600 further augments the conventional BIOS section 

the present invention implementing the watchdog timer 500 with a protocol stack 640 which exploits the services 

mechanism described below, the computer 400 also includes 60 provided by the kernel. Since modern operating systems 

System Management RAM (SMRAM) 121, an external normally include a protected mode kernel of their own, the 

timer 122, and chipset external logic 123. Preferrably, the network enhanced BIOS 600 normally terminates upon 

timer 122 is implemented within the chipset logic 123. As booting of the operating system, however, a variation of the 

noted above, the description of FIG. 2 is exemplary and may present invention allows at least a portion of the network 

be modified in a number of ways which will be apparent to 65 enhanced BIOS 600 to remain in memory. This resident 

one of skill in the art without deviating from the present portion is used to interface to the watchdog detection 

invention. For example, the invention may be implemented mechanism described below. 
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Referring now to FIG. 4, upon system start-up 410, CPU the address of the kernel mode switch entry point with the 

control is passed 411 to the early POST 510 routines. Early BIOS 830. This routine returns the address of the BIOS 

POST 510 performs the preliminary tasks necessary to the mode switch entry point 835. 

operation of the system such as programming the memory An iterated state 800 where the conventional BIOS and 

controller, interrupt controller, system bus controller, and s 32-bit kernel threads are run alternately is then entered. The 

other chipset registers. This operation is identical to that of kernel saves its state 840, that is stores all the CPU registers 

a BIOS which is not network enhanced. md flags m a memory data area. Ajump is then executed 845 

Control then passes 412 to the network enhanced BIOS to the BIOS mode switch entry point. The previously saved 

installation check routine which is part of the enabler 560 of BIOS state is restored 850, and conventional BIOS code 

FIG. 3. The installation check routine scans sequentially 10 executes. CPU control is passed 855 to the POST dispatcher 

through the non-volatile memory 125 looking for a sequence routine 505 of the conventional BIOS section 500, which 

of data known to be the signature indicating the start of the will execute the current BIOS POST routine until it either 

network enhanced BIOS 600 code. If the installation check completes or suspends because it is awaiting an external 

routine determines 439 that no such signature is present, the event such as an interrupt, or the end of a programmed time 

rest of POST routine 520 executes 413 and control is passed 15 d e i av . Certain POST tasks such as the memory test may take 

414 to a bootstrapping routine supplied by the operating a long time to execute, and within these tasks conventional 

system. As described above, the bootstrapping routine loads BIOS will yield control to the 32-bit kernel 620 at regular 

432 the operating system and passes 415 CPU control to it. intervals. At this time the BIOS again saves its state 860, and 

If the signature indicating the start of the network a j um P is executed to the kernel mode switch entry point 

enhanced BIOS 600 code is found then a relocation routine 20 865. The kernel restores its saved state 870, reenters pro- 

416 copies the network enhanced BIOS 600 from the tected mode 875 > and the kernel dispatcher 621 will then 

non-volatile memory 125 into RAM 120, and CPU control schedule all the threads which are not blocked 880. When 

is passed 417 to the initialization routine 610 of the network me kernel dispatcher 621 determines that there is no thread 

enhanced BIOS 600 code which is at a known offset from ready to execute, in other words the system is "idle", the 

the start of the signature. Since the conventional BIOS 500 25 kernel reenters real mode 885, and the process is iterated 

typically operates in real mode, the network enhanced BIOS & om tne point at which the kernel saves its state 840. 

initialization routine 610 switches the CPU into protected The kernel 620 preferably implements interrupt handling 

mode and initializes the 32-bit kernel 620, and each com- such that if a BIOS POST routine is awaiting an interrupt 

ponent of the protocol stack 640. and has yielded control as a result, when the interrupt occurs 

As shown in FIG. 4, the network enhanced BIOS kernel 30 during a 32-bit kernel task that interrupt is reflected to the 

620 is preferably multithreaded, that is, it supports the BIOS task. The converse is true, interrupts intended for a 

apparently simultaneous execution of multiple tasks by 32-bit kernel thread, which occur during the execution of a 

switching the CPU control from one task to another accord- BIOS task, must be reflected to the 32-bit kernel thread. The 

ing to which task has the highest priority. Tasks may be management of reflection of interrupts will be familiar to 

blocked from executing if they are awaiting some external 3 those with knowledge of Microsoft Windows Virtual device 

event, or waiting for another task on which they are depen- drivers (VxD). The performance of processor mode transi- 

dent to complete execution. To assist with the cooperation lions is documented in microprocessor manuals published 

between tasks, the kernel provides functions for signal, by Intel Corporation. Similar solutions for other driver types 

semaphore and mutual exclusion functions, which will be afl d microprocessor architectures will be apparent to those of 

familiar to those of skill in the art. The switching of CPU 40 ordinary skill in the art in light of the disclosure herein, 

control between the different tasks is performed by the The effect of the alternate execution of conventional 

kernel dispatcher 621. BIOS and 32-bit network enhanced BIOS tasks is that the 

A number of threads are started at this time by the network network enhanced BIOS threads, and the current conven- 

enhanced BIOS initialization routine 610 to support the 45 tional BIOS POST task appear to operate simultaneously, 

network protocol stack 640, and different features of the Returning to FIG. 4, it can be seen that there are two 

communication with the management workstation 200 execution paths after the initialization 417, and multiple 

application. These threads are preferably 32-bit protected execution paths after a session key (discussed below) has 

mode code and are discussed below where these features are been exchanged 422. Conceptually these tasks and threads 

further explained. 50 operate simultaneously. The dashed lines in FIG. 4 indicate 

The method of inter-operation of the conventional BIOS a simultaneous execution of threads 423 through 427. 

500 with the network enhanced BIOS 600 employed in the The preferred embodiment of the present invention is 

first embodiment of the present invention will now be described herein using the term "tasks" generally as a term 

described. The detail of the method of inter-operation may for the sequence of real mode routines from the conventional 

be modified without affecting the principle of the present 55 BIOS which are executed in sequence by the POST dis- 

invention. patcher. Only one of these tasks is ever active at a time. The 

Referring to FIG. 8, the initial transition from the con- term "threads" is generally used herein as a term for 32-bit 

ventional BIOS code to the network enhanced BIOS 600 is protected mode code being scheduled by the kernel dis- 

illustrated in further detail, as is the iterated process of patcher 621. These threads conceptually run simultaneously 

inter-operation switching which occurs subsequently. The 60 with each other, and a single conventional BIOS POST task. 

BIOS saves its state 805, that is stores all the CPU registers However, it will be apparent to one of ordinary skill in the 

and flags in a memory data area. The network enhanced art mal tne present invention is not limited to any specific 

BIOS 600 code and data is then decompressed and relocated distinction between tasks and threads. 

810, and CPU control is transferred to the entry point of this Referring to FIG. 4, the conventional BIOS section 500 

code 815. The kernel, and network protocol stack are 65 continues to execute 418 through its rest of POST routines 

initialized 820. The processor is returned to real mode 825, 520. The network enhanced BIOS 600 now "simulta- 

and a conventional BIOS service routine is called to register neously" starts to use the network communication. The 



06/18/2004, EAST Version: 1.4.1 



5,9' 

9 

detail of the network protocol stack operation is given later, 
this section gives an overview of the transactions taking 
place. The network enhanced BIOS 600 first issues 419 an 
alert packet onto the network 300, and prepares to open a 
data connection. The network enhanced BIOS 600 waits 420 
a predetermined period for a response from a management 
workstation 200. The format of this alert packet and any 
which may be issued subsequently is preferably an SNMP 
(Simple Network Management Protocol) packet. SNMP is a 
standard protocol within the TCP/IP (Transmission Control 
Protocol/Internet Protocol) suite and is commonly used to 
manage and monitor nodes on a TCP/IP network. SNMP and 
TCP/IP is well known in the art and described, for example, 
by J. Martin, TCP/IP Networking, PTR Prentice Hall (1994). 
This allows third party Management Software such as HP 
Open View™, available from Hewlett-Packard, running on a 
computer connected to the network to log and display such 
alerts even if there is no management workstation response. 
The use of other protocols will be readily apparent to those 
of ordinary skill in the art. 

In the event that no response is received from a manage- 
ment workstation 200 after a configurable time period, 
which is preferably of the order of five seconds, the network 
enhanced BIOS 600 may be configured either to attempt to 
make a connection to a different management workstation, 
or the operation of the network enhanced BIOS 600 may be 
terminated, in which case the conventional BIOS section 
500 will complete POST in the normal way. If there are no 
POST errors, the conventional BIOS section 500 will issue 
431 a bootstrap alert packet onto the network 300 and 
transfer 414 CPU control to BIOS bootstrap routine, thence 
to the boot sector code 432, thence to the operating system 
415. If the rest of POST 520 routine detects 438 an error it 
will determine 437 whether the error is critical or not. If the 
rest of Post 520 routine detects a non-critical error, the 
conventional BIOS section 500 will issue 434 a non-critical 
error alert onto the network 300 and continue processing. If 
the rest of POST 520 routine detects 437 a critical error it 
will issue 435 a fatal error alert onto the network 300 and 
enter 436 a diagnostic mode. 

If a response is received from a management workstation 
200, it is preferably authenticated 421 such as by calculating 
a hash function based on the message contents and a secret 
key which should be known only to the authorized manage- 
ment workstation 200 application and the computer 400 with 
a network enhanced BIOS 600. This is compared with the 
message authentication code sent as part of the worksta- 
tion's response. Only an authorized management worksta- 
tion will be able to generate a response which contains the 
correct authentication code. 

Further communications between the workstation 200 and 
network enhanced BIOS 600 are preferably authenticated, 
such as by using the secret key to exchange 422 a session 
key, based on a random number. One of the well known key 
exchange mechanisms may be used such as Diffie-Hellman, 
as described in Steiner, Applied Cryptography. See also, 
U.S. Pat. No. 4,200,770 to Hellman et al. All future network 
responses for the remainder of the session are required to use 
the exchanged key to calculate the message authentication 
code. 

Once the session key has been exchanged, further threads 
are created to provide the additional services required for the 
functions to be supported by the management workstation. 
To provide a remote console facility, a keyboard redirection 
thread 423 is started which accepts scan codes sent from the 
management workstation 200 application and puts them into 
the output buffer of the keyboard controller 145 using a 
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mechanism normally designed for diagnostic purposes. 
These scan codes are then read by the normal interrupt 
service routine of computer 400, and the effect is identical 
to a key having been pressed on the keyboard 140. A key 
s monitoring routine 430 examines all keystrokes received, or 
typed at the keyboard 140. Certain keys are interpreted as an 
instruction to perform special actions such as entering a 
special diagnostic mode or performing a particular type of 
reboot operation. 

10 A screen redirection thread 424 captures all output to the 
screen by intercepting the BIOS screen display interrupt 
10H, and the BIOS display services output. This is buffered 
and sent to the management workstation application peri- 
odically when it requests a transfer of the outstanding screen 

15 data. Screen redirection thread 424 and keyboard redirection 
thread 423 are described further below in connection with 
the applications protocol layer. 

A disk redirection thread 425 provides the option of 
support for redirection of accesses to the floppy disk drive. 

20 When so configured, the BIOS software disk services inter- 
rupt (interrupt 13H on the Intel 80x86) is intercepted and all 
references to the floppy disk drive (typically the A: drive) are 
buffered and sent to the management workstation 200 appli- 
cation periodically when it requests any outstanding disk 

25 operations to be transferred. To service these references the 
management workstation application accesses either its own 
floppy disk, a file on its hard disk, or a file on a drive located 
on another machine elsewhere on the network. Operation of 
the BIOS disk redirection thread 425 will suspend until the 

30 redirected disk operation has taken place, and the data or 
result code has been returned via the network 300. The 
transferred data is returned to the calling application or 
operating system function as the result of the interrupt 13H 
operation. 

The mechanism of disk redirection as just described may 
be exploited to provide the computer equipped with a 
network enhanced BIOS with the ability to bootstrap an 
operating system from a floppy disk, or file resident on 

4Q another computer. This is particularly useful in diagnosing 
faults on a computer where the entire disk subsystem has 
failed, and may also be exploited to create diskless work- 
station computers. As described above in reference to the 
background of the present invention, this function has pre- 

45 viously been available on PC compatible computers by 
installing a network card with a "boot ROM", which is 
specific to a particular network card, and is supplied at 
additional cost. According to the present invention this 
function of booting from and accessing a remote drive is a 

5Q general purpose function of the network enhanced BIOS 
600, and will operate with the wide range of network cards 
for which standard drivers, such as ODI or NDIS drivers, are 
available. 

A loader services thread 426 provides the management 
5S workstation 200 application with an interface to the module 
loader 630. The management workstation 200 can send 
messages to the module loader 630 containing code and data 
to be loaded into RAM, and executed as an additional 
transient network enhanced BIOS thread. 
60 An asynchronous command thread 427 provides the man- 
agement workstation 200 with an interface by which it can 
" issue asynchronous commands to the network enhanced 
BIOS 600, for example to request the transfer of BIOS data, 
enter the special diagnostic mode, or perform a particular 
$5 reboot operation. 

All the threads described above continue to run through- 
out the time when the network enhanced BIOS 600 is active, 
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generally until the POST completes. As noted above, in the The function of the IP layer 733 is to make the topology and 

case when there is no intervention from the management physical characteristics of the network 300 transparent, 

workstation 200, and there is no POST error, an alert The topmost layer in the model Is the application layer 

indicating that the POST is successfully completed is sent 721 which uses the services provided by the protocol layer 

431. s 722 to transfer data over the network. 

The network enhanced BIOS 600 may further install its The Network Driver Layer 

own interrupt handlers for the timer tick interrupt (interrupt Th e network driver layer 724 couples the networking 

08H on 80x86 microprocessors). The timer tick interrupt prot ocol layer 722 with the network card hardware 725. The 

vector is directed to a procedure implementing step 860 in net work driver layer 724 is preferably implemented in 

FIG. 8, which forces the current real mode code to save its w accordance wit h standard interface specifications. As noted 

state and jump to the network enhanced BIOS 600. This above> ^ possible specifications, among others, are ODI 

enables the network enhanced BIOS 600 to continue to ^ ^ implementation described herein details 

obtain CPU control at regular intervals while certain real- usage of drivers m accordance with the ODI stan- 

mode operating systems, such as MS-DOS, load and are dard It wU1 5e obv ious to one of skill in the art to implement 

running. Note that the BIOS screen display interrupt 10H 15 a netW ork enhanced BIOS that will support use of drivers 

may have previously been redirected to a handler as part of developed according to other standards, such as NDIS or 

the remote console facility already described, and this UNIX standards, or even to support multiple standards, 

mechanism remains in place. CPU control then passes to the Referring now to FIG. 6 the preferred embodiment of the 

bootstrap 432. network protocol stack will be described. The ODI specifi- 

If the operating system to be loaded is a protected mode 2 rj cation defines an interface that separates the network device 

operating system, such as NetWare or Windows-NT, then it dr j vcr 724 from the upper layers. The Link-Support Layer 

will switch the processor to protected mode, replace the (lsl) 734 provides registration and buffer allocation ser- 

interrupt vectors including the timer tick and screen display v i ces to both the upper layers of the protocol stack, and the 

interrupts described above, take over control of the CPU network drivers. The components of the network device 

110, and except for its crash recovery functions, the network 15 dr j V er are known collectively as Multiple Link Interface 

enhanced BIOS will cease to function. Drivers (MLID). The MLID 738 may itself be separated into 

If a real mode operating system such as MS-DOS without three components, the Media -Support Module (MSM) 735, 

any protected mode memory manager is loaded then the the Topology-Specific Module (TSM) 736, and the 

network enhanced BIOS code will remain in extended Hardware-Specific Module (HSM) 737. The MSM routines 

memory. When MS-DOS reprograms the interrupt vectors it 30 735 are common to all drivers and support the interfacing of 

will chain the existing vectors, so that the MS-DOS interrupt the network driver layer 724 to the network enhanced BIOS, 

handling routine will execute first, and then the routine to The TSM routines 736 are common to drivers for a specific 

which the vector pointed at the time the MS-DOS bootstrap networking technology, such as Ethernet or Token Ring. The 

was started. This has the result that all the functions of the HSM routines 737 are specific to each particular NIC 170. 

network enhanced BIOS 600 including the remote console 35 The HSM routines 737 must handle NIC initialization, 

facility continue to be available when such operating sys- power-up, shutdown, reset, packet receipt and transmission, 

terns are running. and timeout. 

It will be apparent to those of skill in the art, based on the In order to facilitate network card driver development, 

disclosure contained herein, that additional threads which much of the code that is common to many TSM and MSM 

may be run under the control of the kernel dispatcher, either 40 routines have been identified and placed by third party 

in a POST time or DOS environment, may be added. developers into a commonly available set of routines that 

Network Protocol Layer can be used by the driver. These routines may be ported to 

Referring now to FIG. 5, a preferred method of providing be incorporated in the BIOS and execute without operating 

a network interface within the BIOS will be described. system support. These TSM and MSM routines may, in turn, 

Generally network support is divided into software layers. 45 be relied on by the HSM drivers 737. By definition, an ODI 

For example, the international standards organization has compliant HSM device driver must utilize only ODI speci- 

defined a seven layer model for networking support. Each fied services. Thus a network enhanced BIOS 600 which 

layer within the division may use the services provided by supplies those TSM and MSM services will be able to 

the layer "below" it, and provides services to the layer support an ODI compliant HSM device driver without 

"above." 50 assistance of an operating system. 

The network driver layer 724 is the bottom software layer. Implementing the MSM and TSM routines in the network 

The layer below it is the networking hardware itself — the enhanced BIOS 600 preferably is performed via the addition 

Network Controller Interface 725. The network driver layer of a small multitasking kernel, as already described above. 

724 provides services to the networking protocol layer 722 The network enhanced BIOS 600 preferably implements 

above. 55 the LSL, MSM and TSM routines; however, much of the 

The networking protocol layer 722 is itself logically functionality of these routines may be omitted to conserve 

broken into layers where lower level protocols are used to nonvolatile RAM 125, in which they are preferably stored, 

enable higher level protocols to operate. For example, a In this manner, the network enhanced BIOS 600 provides the 

connectionless datagram protocol which delivers packet networking interface card 170 with an environment that is 

data without guarantee of delivery or the sequence of 60 similar to the one provided by the operating system, and 

delivery (e.g. Unreliable Datagram Protocol (UDP) — 732 of allows existing standards-compliant device drivers to func- 

FIG. 6)) is used by a higher level protocol that supports tion for the purposes herein without modification. The 

guaranteed sequenced data delivery (e.g. Transmission Con- optimal minimal set of routines is determined by inspecting 

trol Protocol (TCP)). The preferred embodiment of the a number of different ODI drivers, available from different 

invention implements only a connectionless datagram pro- 65 manufacturers, and establishing which routines are neces- 

tocol to conserve non-volatile RAM space. The UDP 732 sary for the application level services which are to be 

passes IP datagrams, or packets, to the IP layer 733 (FIG. 6). supported by the network enhanced BIOS. The preferred set 
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of imported functions for NE2000, Intel EtherExpress, and 
3Com 90x, as currently understood by the inventors, is listed 
in TABLE 1 below: 

TABLE 1 



EtheiTSMFastProcessGelRCB 

EtheiTSMFastRcvComplete 

EtheiTSMFastSendCdmplete 

EtheiTSMGetASMHSMIFLevel 

EtherTSMGetNextSend 

EtheiTSMGetRCB 

EtheiTSMRegisteiHSM 

EtheiTSMSendComplete 

EtheiTSMUpdateMulticast 

GetCurrentTlme 

MSMAlertFatal 

MSMAlertWarning 

MSMAllocPages 

MSMAllocateRCB 

MSMDriverRemove 

MSMFreePages 

MSMGetMicroHmer 

MSMGetPhysLcal 



MSMPaiseCustomKeywords 

MSMPais eDriverPara meters 

MSMPrintString 

MSMPrintStringWarning 

MSMRdConfigSpacel 6 

MSMRdConfigSpace32 

MSMRdConfigSpace8 

MSM ReadPhysicalMemor y 

MSMRegisterHardwareOptions 

MSMRegisterMUD 

MSM ReturnDriverResources 

MSMReturaRcvECB 

MSMScanBxifilnfo 

MSMSchedulerntTimeCallBack 

MSMSearchAdapter 

MSMSetHardwarelnterrupt 

MSMWrtConfigSpaceie 

MSMYieldWithDelay 

IOConfigurationList 
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The Protocol Layers 

To facilitate application development, the network 
enhanced BIOS 600 also preferably implements some of the 
various protocol layers. Two families of protocols are pref- 
erably implemented: Internet Packet Exchange/Sequenced 
Packet Exchange (IPX/SPX), with its required lower level 
protocols, which is common on NetWare™ based networks; 
and the Transmission Control Protocol/Internet Protocol 
(TCP/IP) protocol family, with its support protocols such as 
Internet Control Message Protocol (ICMP). However, where 
nonvolatile RAM is at a premium, the implementation may 
omit some or all of this functionally. For example, the 
network enhanced BIOS 600 may implement IPX and not 
SPX which guarantees packet delivery and is implemented 
on top of IPX. The RPC Layer To further facilitate appli- 
cation development a protocol layer providing the function- 
ality of remote procedure call (RPC) 731 (FIG. 6) is pref- 
erably implemented. This is a subset of the functionality of 
RPC described for example by Nelson B. J., Birrell A D., 40 
Implementing Remote Procedure Calls, ACM Transactions 
on Computer Systems, 2(1), February 1984. As shown in 
FIG. 7, an RPC server 751 is provided within the network 
enhanced BIOS 600, and an RPC client 752 is provided 
within the management workstation 200 application. This 45 
allows an application program on the management worksta- 
tion 200 to include a simple function call 753, the param- 
eters of which are passed 754 using the lower level network 
protocols over network 300 to the machine 400 with the 
network enhanced BIOS 600. The RPC function is then 
executed by a service routine 755 on said network enhanced 
computer 400, and the result returned 756 to the manage- 
ment workstation. The client calling procedure 753 and 
server called procedure may interface with a calling stub, or 
called stub, respectively (not shown). This provides a simple 
way in which application programs can interact with the 
network enhanced BIOS 600. Preferably, the network 
enhanced computer 400 authenticates the RPC requests 
using a message authentication code protocol such as 
already described above. 

The RPC mechanism also provides a means for OEMs to 
implement enhanced services, such as accessing data from 
server management hardware or loading diagnostic code at 
manufacturing test times. 
The Application Layer 

The Application Layer 721 contains the various applica- 
tion services that an administrator may remotely access. 



These applications preferably include redirection of 
screen and keyboard to the network 300, allowing control of 
applications through the network, instead of using the local 
keyboard 140 and video display unit 130. This will facilitate 
a number of features on the remote console facility such as 
allowing the remote console facility to observe the messages 
and any errors reported by the POST and to allow the 
viewing and changing of parameters controlled by the BIOS 
using the BIOS setup screens or other BIOS configuration 
method. 

Screen and keyboard redirection through the network 300 
may be achieved using threads 423 and 424 (FIG. 4) and the 
RPC mechanism described above. Keyboard redirection 
may be achieved by capturing the keystrokes of the work- 
station 200, and making an RPC call to transfer the scan 
codes corresponding to the keystrokes from the workstation 
200 to the computer 400. A service thread 423 incorporated 
in the network enhanced BIOS 600 then simulates the effect 
of that scan code having been received from the local 
20 keyboard. Amongst other methods, this simulation may be 
achieved by sending a special command to the keyboard 
controller circuit 145, which inserts the transferred scan 
code into the keyboard controller circuit output buffer. 

Screen redirection is more complex because it requires 
transfer of data from the network enhanced BIOS 600 to the 
workstation 200 and the described RPC mechanism gener- 
ally does not allow this transfer to be initiated from the 
computer 400. Therefore in the workstation 200 application 
program a call is made to an RPC function which transfers 
a request across the network 300 which then activates a 
service routine incorporated in the network interface of the 
BIOS on the computer 400 which blocks execution of the 
respective screen redirection threads until there is screen 
data ready to be sent back to the workstation 200. As noted 
above, the services are preferably multithreaded, to allow 
other operations to continue while awaiting screen data. The 
service routine can capture the screen data by hooking the 
BIOS screen display service interrupt, or it may be directly 
linked to BIOS display services code which outputs char- 
acters to the screen. When screen data is available it is 
placed in a buffer in memory, and this causes the RPC 
server's service thread to be unblocked. A network packet 
containing screen data is sent. This causes the RPC client 
thread to unblock, and the screen data is returned to the 
management workstation application as the result of the 
original function call. 

Other possible applications which exploit the preferred 
layered architecture, and in particular the RPC function, 
include diagnosis routines, allowing the network enhanced 
computer 400 to be tested by issuing test commands and 
viewing results on the workstation 200 using the network. 

Other applications which can exploit the preferred layered 
architecture will be apparent to those of skill in the art. 
Binary Compatibility 

Network adapter manufacturers typically supply a file 
containing an operating system specific device driver with 
each network adapter. In order to use the network driver 
developed for such operating systems, the network enhanced 
BIOS 600 must utilize the binary image contained in the 
driver file. Under the ODI standard, the driver image is in 
NetWare Loadable Module (NLM) file format. Drivers 
supplied by network adapter manufacturers supporting the 
ODI standard implement the HSM portion of the ODI 
specification. The loading process must convert this format 
and load the driver into non-volatile memory. In the loading 
process, device driver references to external routines and its 
entry points need to be processed. The NLM format contains 
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information about external routines which are required to 
support the operation of the code it contains. This is in the 
form of a table of addresses from which the external routines 
must be called, and a corresponding reference which may be 
interpreted as the name of the external routine. During the 5 
loading process the required routines are located in memory, 
and the places in the NLM code which need to reference 
these external routines are modified. This process will be 
familiar to those of skill in the art, by whom it is usually 
referred to as "linking". 10 

In one embodiment of the present invention, a separate 
operating system based utility reads the NIC manufacturer's 
supplied driver file, resolves references to external symbols 
in the driver, and outputs a binary file which is then loaded 
to non-volatile memory. In an alternative embodiment of the 15 
present invention, the driver file will be directly loaded to 
the non-volatile memory by the BIOS code. The network 
enhanced BIOS 600 resolves the external references in the 
driver file at system start-up. As noted above, the external 
routines referenced by the manufacturer's device driver are 20 
implemented within the network enhanced BIOS, eliminat- 
ing the need to access the operating system. 

In addition to the actual driver code and data, the driver 
binary file contains several tables; this includes: 

a file header which describes the location and nature of the 25 
various other tables; 

the image of the driver code section; 

the image of the driver data section; 

the name and the usage location of symbols which should 30 
be provided by other modules (import table); 

the name and location of symbols that the driver provides 
that can be used by other modules; and 

a table allowing driver code and data image to be fixed, 
based on the final address in which the driver is loaded; 35 
this table is usually referred as the "fix-up" table. 

The driver loading code (either part of the network 
enhanced BIOS 600, or in a separate operating system based 
utility) uses the information in these tables, to resolve the 
references to other modules, and to fix the driver image 40 
based on the final loading address. 
Operation with modem instead of NIC 

As noted above, where no network connection using a 
NIC is possible it may be desirable to utilize a modem 
connection as an alternative. This is preferably achieved by 45 
creating a software module which implements the MLID 
portion of the ODI specification, but is adapted to send and 
receive data via the serial interface of the computer 175, and 
thence via an external modem 180 to a remote computer. 
(FIG. 2) Alternatively an internal modem 190 may be 50 
utilized. This software module may be finked and installed 
in the nonvolatile memory as an alternative to the HSM, and 
by the method described above. 

In an alternative implementation, the software module for 
modem support is preferably designed to provide the same 55 
API as the UDP layer of the protocol stack. In this case the 
UDP, and all lower layers of the protocol stack may be 
omitted from the nonvolatile storage of the computer. 
Operating system failure detection and handling 

Operating system 901 (FIG. 9) failure may be detected 60 
through any of a number of known techniques or through the 
novel watchdog mechanism described below. 

Many operating system failures result in a controlled 
failure mode wherein the operating system itself detects the 
failure and executes an error routine. Operating system code 65 
or documentation may be examined to determine the path of 
execution of such error routine. By the use of a device driver 
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with system level privileges it is possible to modify the error 
routine to force it to transfer control to a portion of the 
network enhanced BIOS 600 which has been retained in 
memory for the purpose. The network enhanced BIOS also 
preferably provides an Application Program Interface (API) 
or a simple error routine entry point for the operating system 
to address when entering controlled failure mode. TTiis is 
useful in the case where the operating system incorporates 
an API which can be used to instruct it to direct its error 
handler routine to external code. 

Other techniques for detecting operating system failure 
include the use of a watchdog timer means. One example of 
a watchdog timer means is described in the Burckhartt 
patent, which operates in conjunction with a program run- 
ning under operating system control. The operating system 
periodically retriggers the timer during normal operation. If 
the time period of the timer described in the Burckhartt 
patent expires without the program retriggering it, the oper- 
ating system is assumed to have failed. The output of the 
timer is connected directly or indirectly to the reset pin of the 
processor, and causes the system to reset. This prevents 
useful information about the cause of the failure from being 
collected. 

With reference now to FIG. 9, the preferred watchdog 
timer mechanism (described below) of the present invention 
overcomes these limitations, and is preferable for use with 
the network enhanced BIOS, in that it allows the data 
transfer method of the network enhanced BIOS to be 
exploited. Information valuable for fault diagnosis may be 
captured and sent to a system manager remote from the 
failing machine. This is distinguished from the prior art by 
the fact that the watchdog mechanism does not immediately 
reset the machine, but instead allows certain preliminary 
data collection operations to take place first. The System 
Management Mode (SMM) of the microprocessor is 
exploited. A data collection routine 920 is installed by the 
network enhanced BIOS into System Management RAM 
(SMRAM) 121 (FIG. 2). This data collection 920 routine 
may be installed during any of a number of the steps 
described above, for example, during the kernel initializa- 
tion step 820 of FIG. 8. SMRAM 121 is only accessible 
when a System Management Interrupt (SMI) has occurred 
and is being serviced. SMM, SMRAM and SMI are 
described in the microprocessor manuals available from 
Intel Corporation. An SMI may be generated by means of an 
external timer 122 (FIG. 2) connected to the chipset 123 
external SMI pin. The chipset 123 combines this using a 
logical OR function (not shown) with its internal sources of 
SMI before passing this signal out, and into the micropro- 
cessor SMI pin. 

Alternatively the chipset may contain internal timers 
intended for power management or spare timers which may 
be programmed as a source of periodic SMI. An implemen- 
tation using such internal timers is preferable since no 
additional hardware need be provided. The timer generates 
an SMI 905 at a programmed interval. On each timer event 
an event counter stored in SMRAM is incremented 910. If 
the event counter reaches a predetermined value 915 the 
operating system has crashed and data collection is initiated. 
If the event counter has not reached the predetermined value, 
the SMI service routine is exited 935. A program running 
under operating system 901 control task decrements or 
zeroes the counter periodically 902 to prevent it from 
reaching the predetermined value. 

The details of implementation of the watchdog function 
will necessarily vary according to what hardware platform it 
is deployed on. Other equivalent implementations are pos- 
sible whereby the count is handled in a different fashion. 
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It is desirable to be able to run the same program to reset DMI, ESCD, and BIOS error log, to be transferred via the 

the watchdog program on any machine running the same network 300 to the remote workstation 200, or transferred 

operating system regardless of the details of implementation from the remote workstation and modified in the appropriate 

of the watchdog mechanism in SMRAM. Therefore the storage device in the network enhanced computer 400. 

conventional BIOS 500 preferably provides an API to enable 5 The BIOS may also contain a procedure for remotely 

watchdog, disable watchdog, set timeout period, and to reset loading a portion of BIOS itself to permit a portion of the 

the current count of SMI events. This API is preferably normal functionality of the BIOS to be downloaded from 

implemented as a service accessed via the BIOS 32-Bit another computer, such as server 100 on the network 300, 

service directory as described in the Standard BIOS 32-Bit * us reducm & the am0UI ? t of nonvolatde storage required on 

Service Proposal, Rev. 0.4, published by Phoenix Technolo- 10 ^ computer to store the BIOS code ^. Where an essential 

/»* Xa mm\ u • • ~ 4 au t tl portion of the normal functionality of the BIOS, such as the 

gies (May 24, 1993) herein incorporated by reference The POST code, must be downloaded from the second computer 

program running under operating system control may utilize m ^ uter 400 wiU not without a 

It^.f aCC€SS ng m t0 aCCeSS connection to the network 300. Since the network connec- 

the BIOS 32-Bit Services. (ions m pre f cra bl y encoded, this ensures that if the com- 

When an operating system crash is detected by this 15 puter ^ sto len and removed from its network connection, it 

preferred watchdog timer method various steps 920 may be w in no i onger complete the execution of POST and will 

taken to preserve information about the crash state for thereby be rendered unserviceable. This will serve as a 

subsequent diagnosis. Examples include copying some or all considerable deterrent to theft. 

of the computers memory to a reserved area on a disk Additionally, the remote console may cause data to be 
storage medium, often known as a core dump, and preserv- 20 transferred, via the network 300, and written into the non- 
ing the condition of the screen memory and video controller volatile memory device 125 used to hold the conventional 
registers, hence any diagnostic information which may have BIOS and network enhanced BIOS, thus updating some or 
been displayed by the operating system in its error routine. part of said BIOS such that a new version or configuration 
Further data which may be useful to collect will be apparent will be used when the first computer is next reset, 
to those of skill in the art. 25 ^ * s understood that various other modifications will be 
After all such steps to preserve the evidence have been apparent to and can be readily made by those skilled in the 
made the system may be reset 930. This reset uses a special art without departing from the scope and spirit of the present 
shutdown code stored in CMOS memory, or other equivalent invention. For example, although reference is made to a 
means, to communicate to the conventional BIOS, early in network enhanced computer being a desktop computer as 
its POST that the reset was as a result of a crash. This fact 30 shown m calloul 400 of FIG - l > ix aiso bc a server, 
can be displayed on the console, and if the network shown 18 callout 100 in FIG. 1. Accordingly, it is not 
enhanced BIOS is so configured it can enter the special intended that the scope of the claims be limited to the 
diagnostic mode automatically as a result of such a crash. An description or illustrations set forth herein, but rather that the 
SNMP alert conveying the fact of and optionally some claims be construed as encompassing all features of patent- 
information about the crash may be sent via the network 300 35 able novelty that reside in the present invention, including 
to another computer. The system manager remote from the ^se that would be treated as equivalents by those skilled in 
computer then has the option to transfer the diagnostic the art. 
information to his computer using an application exploiting What is claimed is: 

the transmission mechanisms of the network enhanced BIOS 1 A method of operating a computer, said computer 

before attempting to reload the computer's operating sys- 40 including a central processing unit (CPU) and a network 

tem * w - interface coupling said computer to a network, said method 

Special Diagnostic State comprising: 

As noted above, the BIOS preferably includes a special automatically executing an initial start-up software on 
diagnostic state whereby loading of the operating system is said CPU upon CPU system start-up; 
inhibited and the computer waits for further intervention to 45 loading and executing a network enhanced software on 
be initiated before loading the operating system 414 of FIG. said CPU on completion of at least a first portion of said 
4. This allows for diagnosis of errors which cause the system start-up software, said network enhanced software sup- 
to reboot. The remote console facility may be used to force porting a protocol for communicating with worksta- 
the computer into this special diagnostic state. This may be tions coupled to said computer network via said net- 
implemented through the use of a remote procedure call as 50 work interface; and 

described above. The network enhanced BIOS may also be loading and executing an operating system software on 

configured such that if a certain failure condition occurs in said CPU after said loading of said network enhanced 

the computer the special diagnostic state may be entered software, said operating system software being acces- 

automatically. sible by user-level application software programs 

The remote console on the remote workstation 200 may 55 executing on said CPU. 

be programmed, in conjunction with the network enhanced 2. The method of claim 1 wherein said network interface 

computer 400, to perform a number of useful functions comprises a network interface card (NIC) and said protocol 

while the network enhanced computer 400 is in the special for communicating with said network comprises a network 

diagnostic state, such as: causing the network enhanced protocol stack supporting a driver for said NIC. 

computer 400 to reset and re-execute the POST routines; 60 3. The method of claim 2 wherein said network protocol 

causing data to be read from a hard disk 160 on the network stack supports a network driver layer which complies with 

enhanced computer 400 and transferred via the network 300 at least a subset of the ODI specification, 

to the remote console; causing data to be transferred via the 4. The method of claim 2 wherein said network protocol 

network 300 from the remote workstation 200 to be the stack supports a network driver layer which complies with 

network enhanced computer 400 and written to the hard disk 65 at least a subset of the NDIS specification, 

storage 160 on the computer 400. The remote console may 5. The method of claim 1 wherein said network interface 

further cause data held in the BIOS such as CMOS settings, comprises a modem coupled through said CPU and said 
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protocol for communicating with said network supports a 23. The method of claim 17 wherein said remote work- 
modem interface to said network. station displays messages and system errors reported by said 

6. The method of claim 1 further comprising the step of start-up software executing on said CPU. 

sending a notification of the CPU system start-up via said 24. The method of claim 1 further comprising the step of 

network interface to a workstation coupled to said network. 5 said computer automatically entering into a diagnostic state 

7. The method of claim 6 wherein said network interface upon pre -determined error conditions, said diagnostic state 
comprises a NIC and said notification comprises sending an preventing the loading of said operating system software. 
SNMP alert message via said network. 25. The method of claim 17 further comprising the step of 

8. The method of claim 7 wherein said SNMP alert entering said computer into a diagnostic state whereby said 
message further comprises an identification of the cause of 3Q operating system software will not be loaded, said method 
the CPU system reset. further comprising the step of downloading additional soft- 

9. The method of claim 6 wherein said network interface ware programs to said computer from said remote worksta- 
comprises a NIC, said method further comprising the step of tion via said computer network, said additional software 
sending an SNMP alert message indicating said operating programs being executed on said CPU. 

system has been loaded. 26. The method of claim 17 wherein said remote work- 

10. The method of claim 1 wherein said operating system 15 station may further perform the steps of controlling power 
software will not be executed without the establishment by on system test (POST) routines within said start-up software 
said network enhanced software of a network connection executing on said CPU 

with a remote workstation attached to said network 2 7. The method of claim 17 wherein said remote work- 

11. ine memoa or claim 10 comprising the additional s(ation force said 

computer into a diagnostic state 

steps of downloading a second porUon of said start-up 20 tf ^ j sys [ em from loadin e 

software from said remote workstation via said network, t , , ; , 

said operating software not executing until said second whereb y said network enhanc *d software is available for 

portion of said start-up software has been downloaded and communication with said remote workstation, 

executed. ^8- The mem °d of claim 17 further comprising the steps 

12. The method of claim 1 wherein said network 25 of said remote workstation causing data to be read from a 
enhanced software multi-tasks a plurality of software ^rect access storage device locally coupled to said CPU, 
threads on said CPU. said data further being transmitted from said computer to 

13. The method of claim 12 wherein said CPU operates in said remote workstation. 

at least two modes, including a real mode and a protected 29. The method of claim 17 further comprising the steps 

mode, said network enhanced software executing said plu- 3Q of said remote workstation transmitting data to said 

rality of said software threads in said protected mode of said computer, said data being written to a direct access storage 

CPU. device locally coupled to said CPU. 

14. The method of claim 13 wherein said start-up software 30. The method of claim 1 further comprising the steps of 
executes in real mode of said CPU. downloading from a remote workstation to said computer 

15. The method of claim 14 further comprising the step of portions of said start-up software or said network enhanced 
executing a second portion of said start-up software after 35 so ftware 

said CPU has begun execution of said networked enhanced , ! « , , r4 , t . . 

software, said start-up software and said network enhanced wher f * ^ *«t*p sof f are net ™>* enhanced 

software sharing control of said CPU after said CPU begins soStwm wul te exccutcd U P 0Q me next occurrence of 

executing said network enhanced software. * y J? Qm Start ~ up ' . ... 

16. The method of claim 15 wherein said network 40 31- The method of claim 1 foruier comprising the step of 
enhanced software controls switching of the real mode and executing a RPC server on said computer, whereby a RPC 
protected mode of said CPU ^ cheQt executm g °n a remote workstation coupled to said 

17. The method of claim 1 wherein said network network <** execute remole P roced ™e calls on said corn- 
enhanced software allows a remote workstation coupled to P u i?' _ , , * • . + . 

said computer network to access said computer. 45 . 32 ' ^ m * ihod of claim 1 wherein sa,d start " u P software 

18. The method of claim 17 wherein a multi-tasked thread 1D r cludes aD earl ? P0ST P orllon as P art of said first P ortion 
within said network enhanced software allows for said of ,f ld 5 ?^P software and a remaining portion of POST, 
remote workstation to control said CPU. said method further eluding the steps of: 

19. The method of claim 17 wherein said network executing said early POST prior to said CPU's loading of 
enhanced software forwards output normally directed to a 50 said network enhanced software; and 

video controller on said computer to said remote workstation executing said remaining portion of POST after loading of 

via said network interface. said network enhanced software. 

20. The method of claim 18 further comprising the step of 33 • The method of claim 1 further comprising the step of 
generating a remote procedure call (RPC) from a remote said network enhanced software authenticating any mes- 
workstation to an RPC server routine executing on said CPU 55 sa g es received from said network. 

of said computer, said RPC server routine blocking its own 34 Tli e method of claim 33 wherein said message authen- 

execution until data is available for returning to said remote tication is performed using a secret key. 

workstation as the result of said remote procedure call. 35 - The method of claim 1 wherein said CPU operates in 

21. The method of claim 17 wherein said network at least two modes, including a protected mode, said method 
enhanced software permits said remote workstation to input 60 further comprising the steps of; 

messages simulating the effect of keystrokes entered on a executing said network enhanced software and said oper- 

keyboard attached to said computer. ating system software in protected mode; and 

22. The method of claim 21 wherein said messages are terminating execution of said network enhanced software 
received by a remote procedure call (RPC) server executing upon loading of said operating system software. 

on said CPU of said computer, said RPC server inserting 65 36. The method of claim 1 further including the step of 

said messages into a keyboard controller coupled to said retaining a portion of said network enhanced software in 

computer. memory after loading of said operating system software. 
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37. A method of operating a computer, said computer 
including a central processing unit (CPU) and a network 
interface coupling said computer to a network, said CPU 
operating in at least two modes including a real mode and a 
protected mode, said method comprising: 5 

executing a first basic input/output system (BIOS) on said 
CPU in real mode, said first BIOS performing a power 
on system test of said computer; 

executing a second BIOS on said CPU in protected mode 
after execution of a portion of said first BIOS, said 10 
second BIOS supporting a network protocol stack; and 

executing an operating system on said CPU in protected 
mode after execution of a portion of said second BIOS, 
said operating system software supporting user-level 
application software programs executing on said CPU. 15 

38. A network enhanced computer capable of communi- 
cating with a workstation coupled to a computer network, 
said computer comprising: 

a central processing unit (CPU); 

a network interface coupled to said CPU, said network 
interface coupling said computer to said computer 
network; 

a nonvolatile memory coupled to said CPU; 

an initial start-up software program, said CPU executing 2 s 
said start-up software automatically upon CPU system 
start-up, at least a first portion said start-up software 
being stored in said nonvolatile memory; 

a network enhanced software, said network enhanced 
software being executed on said CPU on completion of 30 
said at least a first portion of said start-up software, said 
network enhanced software supporting a protocol for 
communicating with said workstation coupled to said 
computer network via said network interface; and 

an operating system software executing on said CPU, said 35 
operating system software being accessible by user- 
level application software programs, said operating 
system software being loaded on said CPU after load- 
ing of said network enhanced software. 

39. The network enhanced computer of claim 38 wherein 40 
said network interface is a network interface card (NIC) 
comprising a device driver program accessible by said CPU, 
said protocol for communicating with said network com- 
prises a network protocol stack interfacing with said device 
driver program. 45 

40. The network enhanced computer of claim 39 wherein 
device driver program substantially complies with the ODI 
driver specification, said network protocol stack providing at 
least a subset of the ODI link-support-layer protocol to 
interface with said device driver program. 50 

41. The network enhanced computer of claim 39 wherein 
device driver program substantially complies with the NDIS 
driver specification, said network protocol stack providing at 
least a second subset of the NDIS protocol to interface with 
said device driver program. 55 

42. The network enhanced computer of claim 38 wherein 
said network interface is a modem coupled to said CPU and 
said protocol for communicating with said network supports 
a modem interface to said network. 

43. The network enhanced computer of claim 38 further 60 
comprising a program segment for sending a notification of 
the CPU system start-up via said network interface to a 
workstation coupled to said network, said notification being 
sent prior to said execution of said operating system. 

44. The network enhanced computer of claim 43 wherein 65 
said network interface is a NIC and said notification com- 
prises an SNMP alert message. 



45. The network enhanced computer of claim 38 further 
comprising a means for preventing the execution of said 
operating system software prior to the establishment by said 
network enhanced software of a network connection with a 
remote workstation attached to said network. 

46. The network enhanced computer of claim 38 further 
comprising a means for downloading a second portion of 
said start-up software from said remote workstation via said 
network, said operating software not executing until said 
second portion of said start-up software has been down- 
loaded. 

47. The network enhanced computer of claim 38 wherein 
said network enhanced software comprises: 

a multi-tasking kernel; and 

a plurality of software threads executing within said 
multi-tasking kernel on said CPU. 

48. The network enhanced computer of claim 47 wherein 
said CPU operates in at least two modes, including a real 
mode and a protected mode, said multi-tasking kernel com- 
prising a kernel operating in said CPU protected mode. 

49. The network enhanced computer of claim 48 wherein 
said start-up software executes in real mode of said CPU. 

50. The network enhanced computer of claim 49 wherein 
said start-up software and said multi-tasking kernel share 
control of said CPU after said CPU begins executing said 
network enhanced software. 

51. A computer capable of interacting with a computer 
network, said computer comprising: 

a central processing unit (CPU) providing at least two 
modes including a real mode and a protected mode; 

a network interface coupling said computer to said com- 
puter network; 

a nonvolatile memory coupled to said CPU; 

a first basic input/output system (BIOS), at least a portion 
of said first BIOS being stored in said nonvolatile 
memory such that said CPU calls said first BIOS upon 
system reset, said first BIOS further performing a 
power on system test of said computer; 

a second BIOS executing on said CPU in protected mode 
after execution of a portion of said first BIOS, said 
second BIOS supporting a network protocol stack; and 

an operating system executing on said CPU in protected 
mode after execution of a portion of said second BIOS, 
said operating system supporting user-level application 
software programs executing on said CPU. 

52. A system of remotely administrating at least one 
computer comprising: 

a computer network; 

a workstation coupled to said computer network, said 

workstation executing application software; and 
a computer comprising: 

a network interface coupling said computer to said 

computer network; 
a central processing unit (CPU); 
an initial start-up software program, said start-up soft- 
ware executing automatically upon CPU system 
reset; 

a network enhanced software being configured to be 
executed on said CPU upon execution of said at least 
a first portion of said start-up software, said network 
enhanced software supporting a protocol for com- 
municating with said workstation via said network 
interface; and 

an operating system software executing on said CPU, 
said operating system software being accessible by 
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user-level application software programs, said oper- 
ating system software being loaded on said CPU. 

53. The system of claim 52 further comprising a means for 
said remote workstation to access and control said CPU. 

54. The system of claim 53 further comprising a means for 5 
said remote workstation to input messages simulating the 
effect of keystrokes entered on a keyboard attached to said 
computer. 

55. The system of claim 53 wherein said computer may 
enter into a diagnostic state preventing said operating system 10 
software from being loaded, said system further comprising 

a means for downloading additional software programs to 
said computer from said remote workstation, said additional 
software programs being executed on said CPU. 

56. The system of claim 53 wherein said remote work- 15 
station comprises a means for controlling power on system 
test (POST) routines within said start-up software executing 
on said CPU. 

57. A computer capable of booting its operating system 
from a remote direct access storage device coupled to a 20 
workstation on a computer network, said computer com- 
prising: 

a central programming unit (CPU), said CPU providing a 
BIOS disk services interrupt for requesting data access; 

a nonvolatile memory; 25 

a network interface coupling said computer to said com- 
puter network; 

a start-up software, at least a portion of said start-up 
software being stored within said nonvolatile memory, 30 
said start-up software being configured within said 
computer so that said CPU calls said start-up software 
upon system start up, said start-up software comprising 
an operating system bootstrap program which utilizes 
said BIOS disk services interrupt to bootstrap said 35 
operating system; and 

a network enhanced kernel, at least a portion of said 
kernel being executed by said CPU after execution of 
at least a portion of said start-up software and before 
execution of said operating system bootstrap program, 
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said kernel supporting a protocol stack for communi- 
cating with said workstation, said kernel redirecting 
said BIOS disk services interrupt to capture said BIOS 
disk services interrupt and access said requested data 
from said workstation. 

58. A computer capable of booting its operating system 
from a workstation coupled to a computer network, said 
computer comprising: 

a central programming unit (CPU), said CPU providing a 
BIOS disk services interrupt for requesting data access; 
a nonvolatile memory; 

a network interface card (NIC) coupling said computer to 
said computer network; 

a start-up software, at least a portion of said start-up 
software being stored within said nonvolatile memory, 
said start-up software being configured within said 
computer so that said CPU calls said start-up software 
upon system start up, said start-up software comprising 
an operating system bootstrap program which utilizing 
said BIOS disk services interrupt to bootstrap said 
operating system; and 

a network multitasking kernel supporting a protocol stack 
for communicating with said workstation via said NIC, 
said multitasking kernel being executed prior to execu- 
tion of said operating system bootstrap program, said 
multitasking kernel executing a first disk redirection 
thread which accesses data from said workstation via 
said NIC, said BIOS disk services interrupt being 
redirected to said disk redirection thread, 

whereby said operating system is bootstrapped from said 
workstation through said disk redirection thread. 

59. The method of claim 3 wherein said network protocol 
stack is implemented by software stored in nonvolatile 
memory. 

60. The method of claim 4 wherein said network protocol 
stack is implemented by software stored in nonvolatile 
memory. 
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